Security operations centers (SOCs) are under unsustainable pressure. The average enterprise SOC now sees around 10,000 alerts per day. Properly investigating each one can take 20 to 40 minutes, yet even fully staffed teams can only examine roughly 22% of them. More than 60% of security teams admit they have ignored alerts that later proved critical.
Against that backdrop, it is no surprise that tier-1 SOC work is being turned into code. Triaging, enriching, and escalating alerts are increasingly carried out by supervised AI agents instead of junior analysts. Response times are falling as machines operate at far beyond human speed.
But compressing response times is only half the challenge. Without clear governance boundaries—what AI is allowed to do on its own, what always needs human approval, and how to handle uncertainty—many of these automation initiatives are at high risk of failure. Gartner predicts that more than 40% of agentic AI projects will be canceled by the end of 2027, driven largely by unclear business value and inadequate governance.
For security leaders and SOC managers, the question is no longer whether to automate triage. It’s whether that automation will be governed well enough to be safe, sustainable, and actually useful.
The crushing reality of modern SOC workloads
The traditional SOC model was never designed for today’s threat volume and tempo. Multiple detection tools feed overlapping streams of alerts, often with inconsistent or conflicting signals. Many of those systems still cannot share context with each other, forcing analysts to swivel between consoles and rebuild the story of an incident by hand.
The impact on teams is profound. Burnout across SOCs is so severe that some senior analysts are reconsidering their careers altogether. When high-value talent spends most of the day on low-value, repetitive triage and manual enrichment, the role becomes both exhausting and unrewarding. The industry’s talent pipeline cannot refill positions as fast as burnout is emptying them.
At the same time, attackers have evolved. CrowdStrike’s 2025 Global Threat Report documented breakout times—the window between initial compromise and lateral movement—as fast as 51 seconds. The report also found that 79% of intrusions are now malware-free, relying instead on identity abuse, credential theft, and living-off-the-land techniques.
Those tactics leave fewer obvious artifacts for traditional tools to detect, and they unfold at machine speed. Manual triage processes built for hourly response cycles cannot compete with an attacker who can gain a foothold and move laterally in under a minute.
As Matthew Sharp, CISO at Xactly, put it: adversaries are already using AI to attack at machine speed, and organizations cannot defend against AI-driven attacks with human-speed responses. This mismatch is precisely why SOC tasks are being reimagined as software functions.
From tier-1 analysts to tier-1 code
The first tier of SOC work—triage, basic enrichment, and initial escalation—has historically been the entry point for junior analysts. Today, those tasks are increasingly automated. Supervised AI agents review alerts, pull in relevant context, correlate signals, and decide whether something merits deeper investigation.
In this model, human analysts shift their focus. Instead of spending time on rote classification and data gathering, they concentrate on complex investigations, reviewing AI decisions, and resolving edge cases that do not fit known patterns. The goal is to keep humans where judgment, intuition, and experience are most valuable, while handing volume-driven pattern work to machines.
Early deployments show that, when well tuned, AI can compress threat investigation timeframes significantly while matching or even exceeding the accuracy of senior analysts. In some documented cases, AI-driven triage has reached over 98% agreement with human expert decisions and reduced manual workloads by more than 40 hours per week.
Those gains are not just about speed. They are about ensuring that the alerts which do reach humans are higher quality and better enriched, so scarce analyst time is spent more effectively. But these benefits are fragile: without clear boundaries, the same automation that accelerates response can also amplify mistakes or introduce new operational risks.
Bounded autonomy: the core design pattern
The SOCs that are successfully compressing response times are converging on a common design pattern: bounded autonomy. Under this model, AI agents have authority to act autonomously within clearly defined limits, while humans retain control over high-impact decisions and ambiguous situations.
In practice, this often looks like:
AI agents automatically triage, correlate, and enrich the vast majority of alerts.
For low- to moderate-severity issues with well-understood patterns, agents can take predefined containment actions—such as isolating a workstation or revoking a session—without human involvement.
For high-severity incidents, or those with significant operational risk, humans must explicitly approve containment actions even if the AI’s confidence is high.
This division of labor lets organizations process alert volumes at machine speed, while keeping human judgment in the loop where the blast radius is potentially large: production systems, critical identities, or business-critical workflows.
Bounded autonomy is not just an operational convenience; it is a governance stance. It reflects a deliberate decision about where to accept automated action and where to insist on human oversight. Without those decisions being explicit, the line between safe automation and risky autonomy becomes dangerously blurry.
Why graphs and context matter more than ever
As SOCs move toward bounded autonomy, the underlying data model becomes more important. Traditional SIEM tools tend to present alerts as isolated events: a failed login here, a suspicious process there. Analysts must mentally stitch together these signals into a coherent narrative.
Graph-based detection changes that dynamic. By representing entities—users, devices, services, credentials—and their relationships in a graph database, AI agents can see not just what happened, but how it connects to everything else.
For example, a suspicious login from an unusual location might look benign in isolation. But when the system understands that the account is only two hops away from a domain controller, and that a related endpoint recently executed a questionable script, the risk picture changes sharply. Instead of triaging alerts one at a time, AI can follow probable attack paths through the environment.
This shift from event-centric to relationship-centric detection underpins many of the performance gains seen in AI-assisted SOCs. It enables faster, more accurate decisions about which alerts matter, which can be safely deprioritized, and where automated containment is justified within the established governance boundaries.
ServiceNow, Ivanti, and the expansion into IT operations
The same pressures reshaping SOCs are now spreading into broader IT operations and service management. Gartner expects multi-agent AI in threat detection to grow from about 5% of implementations today to 70% by 2028, signaling a mainstream move toward autonomous and semi-autonomous agents.
Major vendors are responding. ServiceNow spent roughly $12 billion on security-related acquisitions in 2025 alone, a consolidation push that reflects how central automation and AI have become to its platform strategy.
Ivanti offers another example of this shift. After nation-state attackers underscored the urgency of hardening its products, the company compressed a three-year kernel-hardening roadmap into 18 months. Building on that experience, Ivanti has announced agentic AI capabilities for IT service management, bringing the same bounded-autonomy model that is reshaping SOCs to the service desk.
Customer previews are planned for Q1, with broader availability expected later in 2026. The promise is familiar to security leaders: 24/7 coverage without needing to scale headcount at the same rate. Robert Hanson, CIO at Grand Bank, described the goal as delivering continuous support while freeing service desk staff to concentrate on complex challenges, instead of being consumed by routine tickets.
The pattern is consistent across sectors like financial services, healthcare, and government. The workloads that are overwhelming SOCs—high volume, low signal-to-noise, repetitive tasks—are also overwhelming service desks. Agentic AI operating within governance boundaries is emerging as a common response.
Three governance boundaries every SOC needs
Despite the appeal of automation, Gartner’s forecast that more than 40% of agentic AI projects will be canceled by 2027 is a cautionary signal. The main failure modes—unclear business value and inadequate governance—are preventable, but only if SOC leaders define explicit boundaries up front.
At minimum, teams should clarify three governance dimensions for bounded autonomy:
Which alert categories agents can act on autonomously. These are typically lower-severity, well-understood scenarios where the containment action is reversible or has low business impact. Examples might include auto-isolating an endpoint that matches known-bad indicators, or forcing a password reset for clearly compromised accounts.
Which alerts always require human review, regardless of confidence. High-severity or high-blast-radius situations—such as potential domain controller compromise, core banking system anomalies, or critical production outages—should trigger human approval before containment, even if the AI assesses them as almost certainly malicious.
What escalation paths apply when certainty falls below a threshold. For ambiguous cases, SOCs need predefined playbooks: who is paged, what additional data is collected, and how quickly decisions must be made. This prevents AI from either overacting (causing unnecessary disruption) or underacting (missing genuine threats) when confidence is low.
High-severity incidents, in particular, should be explicitly bound by policies that require human sign-off before disruptive actions. That may slow some responses, but it reduces the risk that an overzealous agent becomes, in effect, a chaos agent within the SOC.
These governance structures are not optional if organizations want the benefits of modern tooling. They are essential to realizing faster triage and containment without introducing uncontrolled operational risk.
AI, weaponized vulnerabilities, and zero-trust resilience
Attackers are already exploiting automation and AI to mine publicly disclosed vulnerabilities, including CVEs, faster than defenders can respond. They move quickly to weaponize new weaknesses, building exploit chains that can be deployed at scale.
In this environment, autonomous detection and rapid triage are becoming table stakes. A zero-trust posture assumes compromise is inevitable and emphasizes continuous verification and least-privilege access. But those principles only translate into real resilience if organizations can detect and respond at comparable speed to the adversary.
Bounded autonomy helps reconcile that need for speed with the equally pressing need for control. AI agents can continuously monitor, correlate, and flag suspected abuse of identities, credentials, and trusted tools—precisely the vectors that dominate modern, malware-free intrusions—while governance boundaries ensure that containment actions remain aligned with business risk tolerance.
The alternative is untenable: human-only SOCs attempting to manually chase every signal in a world where both vulnerabilities and exploits are being industrialized.
Where to start: low-risk workflows that deliver quick wins
For security leaders planning their automation roadmap, the most pragmatic starting point is not the most sophisticated use case, but the safest. Teams should begin with workflows where failure is recoverable and the blast radius is small, while still capturing a large share of current analyst time.
Three candidates typically fit that profile and together can consume up to 60% of analyst time while adding limited investigative value:
Phishing triage. Initial classification and enrichment of suspected phishing emails can be automated, with missed escalations caught in a secondary human review of borderline cases or post-delivery detections.
Password reset automation. Requests that meet predefined criteria and risk checks can be handled automatically. The blast radius is low, and errors are relatively easy to correct.
Known-bad indicator matching. Deterministic checks against threat intelligence—IP addresses, domains, file hashes—are well suited to automation because the logic is clear and the decision criteria are stable.
The recommended pattern is to automate these workflows first, then validate AI decisions against human judgments for a defined period—such as 30 days. This provides empirical evidence of accuracy, highlights edge cases, and builds confidence that bounded autonomy is working as intended.
From there, SOC leaders can gradually expand automation into more complex workflows, always anchored by clearly defined governance boundaries and continuous validation against human expert decisions.
The destination is not a fully autonomous SOC, but a well-governed partnership between human analysts and AI agents—one where tier-1 work has become robust code, response happens in minutes or seconds instead of hours, and burnout no longer defines the role of the defender.
Hi, I’m Cary Huang — a tech enthusiast based in Canada. I’ve spent years working with complex production systems and open-source software. Through TechBuddies.io, my team and I share practical engineering insights, curate relevant tech news, and recommend useful tools and products to help developers learn and work more effectively.
